Privacy Policy
How we collect, use, share, and protect personal information for members inside the Tradeline Authority Vault, along with your choices and privacy rights.
Quick Summary (Plain English)
- We collect only what’s needed to create your account, process payments, run the Vault, and support you.
- Payments are processed by Gumroad (our current provider). We never see or store full card numbers.
- We log Vault activity (e.g., lessons viewed, downloads) to secure the platform and improve content.
- We do not sell your personal information. Limited sharing with service providers only.
- You can access, update, or delete certain data, control marketing, and exercise state/international privacy rights.
Scope & Controller
This Privacy Policy applies to personal information processed when you purchase access on Gumroad and use the Tradeline Authority Vault after login. The data controller for Vault operations is Tradeline Authority (“we,” “us,” “our”).
What We Collect
- Account & Profile — name, email, password (hashed), company, role.
- Billing — purchase history and non-sensitive billing tokens from Gumroad (brand/last4/expiration). We do not store full PAN/CVV.
- Vault Activity — pages viewed, progress, search queries, downloads, quiz attempts, timestamps, IP/device info (for security and analytics).
- Support & Communications — emails, tickets, chat messages, call notes.
- Files You Upload — documents you attach in tools or support (you control what you upload).
- Cookies & Similar Tech — essential session cookies; optional analytics/marketing cookies (see Cookies & Tracking).
How We Use Information
- Provide the Vault — create and maintain accounts, authenticate sessions, deliver lessons, tool access, and certificates. Legal basis: contract/legitimate interests.
- Payments & Invoicing — process transactions through Gumroad, prevent fraud, handle refunds/chargebacks. Basis: contract/legal obligation.
- Support — respond to requests, fix issues, and customize guidance. Basis: contract/legitimate interests.
- Improve & Secure — product analytics, QA, abuse and intrusion monitoring. Basis: legitimate interests.
- Communications — account/transactional emails; optional product updates (you can unsubscribe). Basis: contract/consent where required.
- Compliance — meet legal, tax, and audit requirements. Basis: legal obligation.
Data Retention
- Account & purchasesWhile account is active + up to 7 years (tax/audit)
- Support tickets & emails3 years from last interaction
- Vault analytics (aggregated)26 months (then de-identified)
- Access logs & security events12–24 months (shorter where feasible)
- Uploaded filesYou may delete; backups roll off on a schedule
Your Choices & Rights
- Access/Update — edit profile details from your account or contact us.
- Delete — request deletion of your account and eligible data (some records kept as required by law).
- Marketing — unsubscribe from non-transactional emails at any time.
- Verification — we may ask for reasonable information to confirm your identity before fulfilling requests.
To exercise rights, email info@reportprimarytradelines.com.
US State Privacy Notices (including California)
- Right to Know/Access/Correction/Deletion — you may request access to, correction of, or deletion of personal information we maintain, subject to exceptions.
- Sensitive data — we do not use sensitive personal information to infer characteristics.
- Sale/Sharing — we do not “sell” personal information or “share” it for cross-context behavioral advertising; honoring Global Privacy Control (GPC) is therefore not applicable to advertising here.
- Authorized agents — if you use an agent, we may require proof of authorization and your verification.
- Non-discrimination — we will not discriminate against you for exercising your privacy rights.
- Financial incentives — we do not offer programs that require you to waive privacy rights.
- “Shine the Light” (CA Civ. Code §1798.83) — we do not disclose personal information to third parties for their direct marketing.
EU/UK GDPR Information
If you are in the EEA/UK, you have rights to access, rectify, erase, restrict, or object to processing and to data portability, and the right to lodge a complaint with your supervisory authority. Our typical legal bases are contract, legitimate interests, legal obligation, and consent where required. Contact us at info@reportprimarytradelines.com.
Security
We use administrative, technical, and physical safeguards (TLS in transit, access controls, least-privilege, monitoring, and regular backups). Payments are handled through Gumroad, which is responsible for PCI DSS compliance. No method is 100% secure; please use a strong unique password and enable device protections. If we learn of a breach affecting you, we will notify you as required by law.
International Transfers
Data may be processed in the United States. Where required, we rely on Standard Contractual Clauses or comparable safeguards for transfers.
Children
The Vault is for adults and professional learners. We do not knowingly collect data from children under 13 (or under 16 in certain regions). If you believe a child has provided personal information, contact us to remove it.
External Links & Third-Party Sites
We sometimes link to external sites (e.g., government resources and Gumroad for receipts/account changes). These are governed by those sites’ policies. Links open in a new tab. Returning from an external page may require you to sign back in if your Vault session expires.
Automated Decision-Making
We do not use automated decision-making or profiling that produces legal or similarly significant effects about you.
Changes to This Policy
We’ll post updates here and adjust the “Last updated” date above. Material changes may also be announced in-app or via email.
Contact Us
Questions or privacy requests: info@reportprimarytradelines.com · Tradeline Authority, Privacy Team, Your Mailing Address.
Educational Notice: The Vault provides education and tools, not legal advice. For legal questions, consult qualified counsel.